Fighting voice fraud with real-time intelligence

By Jay Jayasimha, CEO, Cataleya.

  • 8 years ago Posted in

Service provider profits are under pressure. Factors ranging from income lost to over-the-top alternatives to shifting regulatory landscapes mean that double digit margins have been relegated to the past. In today’s market, all opportunities to monetise must be seized and every possible source of lost earnings prevented.

 

Voice fraud, in its various forms, is one of the biggest threats to operator profitability. The Communications Fraud Control Association (CFCA) estimates that 1.69% of global telecom revenue is lost annually to criminals, amounting to a staggering $38.1 billion in total, this is clearly not a minor issue that can be filed away for future attention.

 

Fraud is a threat to all operators, wherever they are located and whatever their size. To the more vulnerable, it could even be the difference between survival and insolvency. It certainly won’t do any good to an operator’s reputation and image to be identified as a fraud victim.

 

Protecting Profits in Real-Time

 

Voice fraud can directly impact an operators’ profitability day-to-day and minute-to-minute. Even with this immediate risk to their businesses, operators have yet to fight voice fraud in real time.

 

Traditionally, operators have tackled fraud reactively, analysing historic data perhaps weeks after the criminal has dented their revenue stream and harmed their reputation in the eyes of customers. In the bad old days, there seemed no better way to combat fraud than to methodically work through call data records (CDRs) and invoices after the event, looking for evidence of foul play.

 

Evidence for fraud would not be typically available to the affected parties until the billing cycle was completed, this could take 30 days or more. A full investigation could even take up to six months to conclude, according to i3 Forum research, in the event of a dispute with other parties in the transaction. This is clearly an unsatisfactory way to deter criminals whose methods are swift, agile and potentially hard to pick up at the best of times.

 

The challenge is to identify fraud as it changes and evolves. Criminals are innovative and are continually finding new ways to elude operators. While there are a range of different schemes and scenarios where fraud occurs, there are also a few common types of fraud like:

 

·        False Answer Supervision

This can either involve triggering switches to start the billing process in, favoring one interconnect wrongfully, even though end subscriber hasn’t answer the call yet. Or a call can be hijacked and transferred to an IVR system preventing the caller from reaching the intended destination and still charging the subscriber for a service he did not get.

 

·        Wangiri Fraud

The fraudster automatically robot dials thousands of mobile numbers, terminating the call after one ring. This will prompt the unaware called subscribers to call back and being lured into a premium rate number which can cost as high as 15 USD per minute.

 

·        International Revenue Share

This fraud takes advantage of international destinations where termination comes at a premium rate. Either by use of a fraudulent SIM at the originating end of the call or a colluding third party at the termination end, these high rates can be exploited.

 

·        PBX Hacking          

An enterprise PBX is hacked, creating an opening for several types of fraud. A hacker might use out of office hours to make multiple calls to premium destinations, sharing the revenue with the terminating end.

 

·        Subscriber Identity Theft

In countries with high rates of incoming traffic, widely available SIMs and poor law enforcement, fraud can be committed easily by criminals using prepaid SIMs where identity is hard to trace.

 

·        Bypass Fraud

There are multiple ways for a criminal to bypass a legitimate carrier termination process, one of them would be to setup a SIM box in a destination. After publishing suspicious low rates in international LCR’s the fraudster haul voice IP traffic from legitimate wholesale carriers through the public Internet and terminate it in the destination by using local SIM cards in a SIM box.

 

There are different shades to each of these methods of fraud and that is what makes them so challenging to identify. The variations evolve and change over time and that is why new network intelligence and machine-learning have become so crucial in the fight against fraud.

 

A Proactive Approach using Big Data

 

Each type of fraud has its own characteristics that are reflected in network behaviour and can be identified with new network intelligence. A data-driven approach has been proven to work, whereby sophisticated Big Data analytics helps the service provider keep pace with evolving fraud techniques. Data captured by a Session Border Controller can both optimise performance of a network while simultaneously identifying and deterring crime.

 

Any loss from telecoms fraud is preventable. Tackling it leads to a healthier and more sustainable business. The constantly evolving nature of fraud makes it necessary to look at a new approach to fraud identification and mitigation, the right way is a method that evolves at a faster rate and adapts to any variation of the known methods seamlessly.

 

Operators need a proactive approach to fighting this type of crime, before it consumes their profits or even puts them out of business. What’s required is a way to pick up and analyse network data in real time, supported by machine learning algorithms, in a way that lets operators keep one step ahead of fraudsters.

 

Building Protection into the Network

 

Using a next generation session border controller (SBC) to gather real-time intelligence combined with the latest Big Data analytics methodologies turns an optimal concept into a practical reality.

 

The next gen SBC works by sitting directly in the path of the call, alerting the right people as abnormal behaviours are picked up. Not only is the SBC at the heart of the network, it is equipped for deep analysis, delivering unparallelled visibility and enabling immediate response. No longer are alerts triggered long after revenue leakage has occurred.

 

Machine learning, unlike the old school rule based policies, works alongside the SBC to build a pattern of activity that keeps getting richer and more informative over time. Disputes with other parties can be settled swiftly, since business intelligence can be shared immediately with them showing where a suspected fraud has occurred. In all cases, little or no user input is needed to deliver global security.

 

This new combination of visibility and predictability mean that the criminal no longer has the advantage.  Less than 24-hour is the new time cycle compared to the usual 30 days or 6 months in detection and resolution of the fraud, The operator now has a fighting chance to protect their profits and reputation.

 

Moving from a reactive to proactive approach to combat fraud makes it simpler and easier to identify voice fraud and enables operators to mitigate fraud as it happens. The old approach no longer matches operator requirements, especially when the visibility and intelligence can be built directly into the network.

 

By Martin Hosken, Field CTO, Cloud Providers, Broadcom.
By Jake Madders, Co-founder and Director at Hyve Managed Hosting.
By Apurva Kadakia, Global Head for Cloud, Hexaware.
By Terry Storrar, Managing Director at Leaseweb UK.
By Cary Wright, VP of Product Management, Endace.